MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES

Transcription

1 MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES Diophantine Equations A Diophantine Equation is simply an equation in one or more variables for which integer (or sometimes rational) solutions are sought. For example: x 2 + y 2 = z 2 has solutions (x, y, z) = (3, 4, 5), (5, 12, 13),... ; x 3 + y 3 = z 3 has no solutions with x, y, z positive integers; x 2 61y 2 = 1 has infinitely many solutions with x, y > 0; the smallest has x = and y = We will use the techniques we have developed in earlier chapters, as well as one new one, to solve a number of Diophantine equations all of which have had some historical interest. Their solution has led to the development of much of modern algebra and number theory. The new technique we will use is called the Geometry of Numbers Geometry of Numbers and Minkowski s Theorem. We will use the geometry of R n and of certain subsets of it: Definition A lattice in Z n is a subgroup L Z n of finite index. The lattices we will use are all defined using congruence conditions on the coordinates of vectors in Z n, and the index of the lattice will be determined from the moduli of these congruences (example to follow soon). There are more general subset of R n called lattices, but we will not need them. Our general strategy will be to set up a lattice so that the coordinates give a modular approximation to the equation being solved; then to get an exact solution we require a second condition, that the vector of coefficients is small in some sense. Minkowski s Theorem will show that

2 48 J. E. CREMONA (under certain conditions) there are short lattice vectors, and we win. Its statement requires the following definitions. Definition A subset S R n is symmetric if x S x S, and convex if x, y S = tx + (1 t)y S for all t with 0 t 1. Here is the result from the geometry of numbers we will use to deduce the existence of solutions to several Diophantine Equations: Theorem [Minkowski] Let L Z n be a lattice of index m, and let S R n be a bounded convex symmetric domain. If S has volume v(s) > 2 n m, then S contains a nonzero element of L. The same conclusion holds when v(s) = 2 n m, provided that S is compact Sums of squares. In this section we will give an answer to the questions which positive integers can be expressed as a sum of 2 squares (S2S), or a sum of 3 squares (S3S), or a sum of 4 squares (S4S)? In the 3-squares case we will only give a partial proof, since the full proof uses concepts which we will not cover. The reason for the S3S case being harder is that the set of S3S numbers is not closed under multiplication, while for S2S and S4S it is, which then essentially reduces the question to the case of primes Sums of two squares. To ask whether an integer n is a sum of two squares, n = a 2 + b 2, is the same as to ask whether it is the norm of a Gaussian Integer: n = a 2 + b 2 = N(α) where α = a + bi Z[i]. Using Theorem on Gaussian primes, such an integer must be a product of norms of Gaussian primes which are: 2, p for any prime p 1 (mod 4), and q 2 for any prime q 3 (mod 4). This proves the following:

3 MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES Theorem The positive integer n may be expressed as a sum of two squares, n = x 2 + y 2, if and only if ord q (n) is even for all primes q 3 (mod 4), or equivalently if and only if n = ab 2 where a has no prime factors congruent to 3 (mod 4). Remarks: One can similarly characterize positive integers of the form n = x 2 +2y 2 as those such that ord q (n) is even for all primes q 5, 7 (mod 8). Either a direct proof or one based on unique factorization in the Euclidean Domain Z[ 2] is possible. A similar result holds for n = x 2 + 3y 2 (though is slightly harder to prove since Z[ 3] is not Euclidean). But the pattern does not continue, and for general m it is a very hard problem to determine exactly which integers n, or even which primes p, have the form x 2 + my 2. The study of this question leads on to algebraic number theory, and in particular to the study of the arithmetic properties of quadratic number fields. Recall from Chapter 1 that the key to determining the Gaussian primes was a fact which we only proved later (Theorem 2.4.2): that if p is a prime such that p 1 (mod 4) then p is a sum of two squares. We proved this in Chapter 2 by using facts about Gaussian Integers, together with the fact that for such primes the congruence x 2 1 (mod p) has a solution. Now we give a different proof that p 1 (mod 4) = p = a 2 + b 2, as a first application of the Geometry of Numbers. Theorem [=Theorem again] Let p be a prime such that p 1 (mod 4). Then there exist integers a and b such that p = a 2 + b 2. Before applying Minkowski again to prove the four-square theorem below, we will briefly (and incompletely) look at sums of three squares.

4 50 J. E. CREMONA Sums of three squares. Proposition Let n be a positive integer with n 7 (mod 8). Then n is not a sum of three squares, and nor is any integer of the form 4 k n with n 7 (mod 8). The converse of this result is true: every positive integer not of the form 4 k n with n 7 (mod 8) can be written as a sum of three squares. But this is harder to prove and we omit it. Instead we turn to sums of four squares Sums of four squares. Theorem [Lagrange] Every positive integer may be expressed as a sum of four squares. Note that 0 is allowed as one of the squares. The theorem will follow from the following Lemma 4.2.5, which reduces the problem to expressing all primes as S4S, and Proposition which shows that all primes are S4S. Lemma If m = a a a a 2 4 and n = b b b b 2 4 then mn = c c c c 2 4 where c 1 = a 1 b 1 + a 2 b 2 + a 3 b 3 + a 4 b 4 c 2 = a 1 b 2 a 2 b 1 + a 3 b 4 a 4 b 3 c 3 = a 1 b 3 a 3 b 1 a 2 b 4 + a 4 b 2 c 4 = a 1 b 4 a 4 b 1 + a 2 b 3 a 3 b 2. Proposition Every prime number may be expressed as a sum of four squares.

5 MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES Legendre s Equation. Here is an example of an equation with no nontrivial solutions. Example: The equation x 2 + y 2 = 3z 2 has no integer solutions except x = y = z = 0. For suppose that (x, y, z) is a nonzero solution. Then we may assume that gcd(x, y) = 1 since if both x and y were divisible by some prime p, then p 2 3z 2 and so p z, so we could divide through by p 2 to get the smaller nontrivial solution (x/p, y/p, z/p). Next, neither x nor y is divisible by 3 (since if either is then so would the other be). This implies x ±1 (mod 3) and y ±1 (mod 3), so x 2 + y = 2 0 (mod 3), contradicting x 2 + y 2 = 3z 2. We have used two properties of the number 3 here: that it is square-free (so p 2 3z 2 = p z) and that x 2 + y 2 0 (mod 3) = x y 0 (mod 3). So the same argument works for the equations x 2 + y 2 = qz 2 where q is any prime congruent to 3 (mod 4). The general equation (4.3.1) ax 2 + by 2 = cz 2 with a, b, c N has been studied since the 19th century, and is known as Legendre s Equation. There is a simple criterion for the existence of nontrivial solutions in terms of congruences modulo a, b and c. By a solution to (4.3.1) we will always mean a solution other than the trivial one (x, y, z) = (0, 0, 0), and a solution will be called primitive if gcd(x, y, z) = 1. First we reduce to the case where a, b, c are pairwise coprime and square-free (equivalently, abc is square-free). If d = gcd(a, b) > 1 then we have a one-one correspondence between solutions (x, y, z 1 ) to the equation (a/d)x 2 + (b/d)y 2 = (cd)z 2 1 and (4.3.1) by setting z = dz 1. A similar reduction is possible if gcd(a, c) > 1 or gcd(b, c) > 1. Note that the product abc is reduced (by a factor d) in each case, so after a finite number of steps we achieve gcd(a, b) = gcd(a, c) = gcd(b, c) = 1.

6 52 J. E. CREMONA If d 2 a then we have a one-one correspondence between solutions (x, y 1, z 1 ) to the equation (a/d 2 )x by 2 1 = cz 2 and (4.3.1) by setting y = dy 1 and z = dz 1. Similarly with square factors of b or c. From now on we assume that a, b, c are pairwise coprime and square-free. Theorem Let a, b, c N be pairwise coprime and square-free. Then a non-trivial solution to (4.3.1) exists if and only if each of the quadratic congruences has a solution. x 2 bc (mod a), x 2 ac (mod b), x 2 ab (mod c) Our proof just fails to show that there always is a solution satisfying the inequalities x bc, y ac, z ab, because of the adjustment needed at the end; however there is always such a small solution (proof omitted). To make the proof constructive, we would need to have a method for finding short vectors in lattices. Such methods do exist (the most famous is the LLL method named after Lenstra, Lenstra and Lovasz) and have a huge number of applications in computational number theory and cryptography. One reason that lattice-based methods are becoming popular in cryptography is that they are quantum-resistant, meaning that no-one (yet!) knows how to solve problems such as the SVP (Shortest Vector Problem) using a quantum computer, unlike the case for factorization-based methods such as RSA Pythagorean Triples. A classical problem is to find all right-angled triangles all of whose sides have integral length. Letting the sides be x, y and z this amounts (by Pythagoras s Theorem)

7 MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES to finding positive integer solutions to the Diophantine equation (4.4.1) x 2 + y 2 = z 2. A solution (x, y, z) is called a Pythagorean Triple. For example, (3, 4, 5) is a Pythagorean Triple. Clearly if (x, y, z) is a Pythagorean Triple then so is (kx, ky, kz) for all k 1, and to avoid this trivial repetition of solutions we will restrict to Primitive Pythagorean Triples which have the additional property that gcd(x, y, z) = 1. From (4.4.1) it then follows that x, y, z are pairwise coprime, since a prime divisor of any two would have to divide the third. Finally, in any primitive Pythagorean Triple, exactly one of x and y is even, the other odd; for they are not both even by primitivity, and cannot both be odd for then x 2 + y 2 2 (mod 4), so x 2 + y 2 could not be a square. By symmetry we only consider triples with x and z odd, y even. The following result shows how to parametrize all primitive Pythagorean Triples. Theorem Let u and v be positive coprime integers with u v (mod 2) and u > v. Set x = u 2 v 2 ; y = 2uv; z = u 2 + v 2. Then (x, y, z) is a primitive Pythagorean Triple. Conversely, all primitive Pythagorean Triples are obtained in this way for suitable u and v. We will see an application of our parametrization of Pythagorean triples to the Fermat equation x 4 + y 4 = z 4 in the next section. This case of Fermat s Last Theorem says that there are no Pythagorean Triples with all three integers perfect squares. An alternative approach to the previous Theorem is to use the Gaussian Integers Z[i]. Suppose x 2 + y 2 = z 2 with gcd(x, y) = 1 and z odd. Then z 2 = (x + yi)(x yi), and the factors on the

8 54 J. E. CREMONA right are coprime: for if α x + yi and α x yi for some α Z[i], then α 2x and α 2yi, from which α 2 since gcd(x, y) = 1 and i is a unit. But gcd(z, 2) = 1 so α is a unit. Now each of x ± yi must be a square or a unit times a square, since they are coprime and their product is a square and Z[i] is a UFD. If x + yi = ±(u + vi) 2 then x = ±(u 2 v 2 ) and y = ±2uv; if x + yi = ±i(u + vi) 2 then x = 2uv and y = ±(u 2 v 2 ). The proof that gcd(u, v) = 1 and u v (mod 2) is as before, or follows from the fact that u + vi and u vi are coprime in Z[i]. Other similar equations may be solved by the same method. For example, all primitive solutions to x 2 + 2y 2 = z 2 are obtained from (x, y, z) = (±(u 2 2v 2 ), ±2uv, ±(u 2 + 2v 2 )). This can be proved using the UFD Z[ 2] or by elementary means Fermat s Last Theorem. After our success in finding all solutions to the equation x 2 +y 2 = z 2, it is natural to turn to analogous equation for higher powers. So we ask for solutions in positive integers to the equation (4.5.1) x n + y n = z n with n 3. Fermat claimed, in the famous marginal note to his edition of the works of Diophantus, that there are no solutions to (4.5.1). The result is known as Fermat s Last Theorem: it is the last of Fermat s unproved claims to be proved (or disproved). Since 1994 it has become possible to state the result as a Theorem: Theorem [Fermat s Last Theorem; Wiles and Taylor Wiles, 1994] Let n 3. Then there are no solutions in positive integers to the equation x n + y n = z n.

9 MA257: INTRODUCTION TO NUMBER THEORY LECTURE NOTES The only case which we know that Fermat proved is n = 4, which we will prove below. Euler proved the case n = 3, using arithmetic in the ring Z[ 3], though there is some doubt as to the validity of Euler s argument at a crucial step where he tacitly assumed that this ring had unique factorization (which it does not). Subsequent work by Dirichlet, Legendre, Kummer and many others settled many more exponents, at the same time creating most of modern algebraic number theory and algebra. By 1987, the Theorem was known to be true for all n In 1986, an unexpected connection was found, by Frey, between the Fermat equation and another class of Diophantine equation called Elliptic curves. A solution to Fermat s equation would lead to the existence of an elliptic curve with properties so strange that they would contradict widelybelieved, but then unproved, conjectures about elliptic curves. This connection was proved by Ribet. Finally, Andrew Wiles, with the help of Richard Taylor, proved the elliptic curve conjecture, firmly establishing the truth of Fermat s Last theorem. We will prove the case n = 4 of the theorem. Theorem [Fermat s Last Theorem for exponent 4] The equation x 4 + y 4 = z 4 has no solutions in positive integers. We will prove a stronger statement: x 4 + y 4 cannot be a square, let alone a 4th power: Theorem The equation x 4 + y 4 = z 2 has no solutions in positive integers. Corollary Let n N be a multiple of 4. Then there are no solutions in positive integers to the equation x n + y n = z n.

10 56 J. E. CREMONA Now to prove Fermat s Last Theorem in general it suffices to show that the equation x p +y p = z p has no positive integer solutions for each odd prime p, since every n 3 is divisible either by 4 or by an odd prime, and impossibility for a divisor of n implies impossibility for n itself Proof of Minkowski s Theorem. There are several ways to prove Minkowski s Theorem 4.1.3, all of which are based on a continuous analogue of the pigeon-hole principle. We ll use a preliminary result called Blichfeld s Theorem: Theorem [Blichfeld s theorem] Let S be a bounded subset of R n whose volume v(s) exists and satisfies v(s) > m for some integer m 1. Then there exist m + 1 distinct points x 0, x 1,..., x m S such that x i x j Z n for all i, j.

Pythagorean Triples One of the most far-reaching problems to appear in Diophantus Arithmetica was his Problem II-8: To divide a given square into two squares. Namely, find integers x, y, z, so that x 2

The Equation x 2 + y 2 = z 2 The equation x 2 + y 2 = z 2 is associated with the Pythagorean theorem: In a right triangle the sum of the squares on the sides is equal to the square on the hypotenuse. We

11 Ideals The presentation here is somewhat different than the text. In particular, the sections do not match up. We have seen issues with the failure of unique factorization already, e.g., Z[ 5] = O Q(

MATH 361: NUMBER THEORY FIRST LECTURE 1. Introduction As a provisional definition, view number theory as the study of the properties of the positive integers, Z + = {1, 2, 3, }. Of particular interest,

The five fundamental operations of mathematics: addition, subtraction, multiplication, division, and modular forms UC Berkeley Trinity University March 31, 2008 This talk is about counting, and it s about

Chapter Two Number Theory 2.1 INTRODUCTION Number theory is that area of mathematics dealing with the properties of the integers under the ordinary operations of addition, subtraction, multiplication and

SUM OF TWO SQUARES JAHNAVI BHASKAR Abstract. I will investigate which numbers can be written as the sum of two squares and in how many ways, providing enough basic number theory so even the unacquainted

University of Waterloo October 28th, 2015 Number Theory Number theory, can be described as the mathematics of discovering and explaining patterns in numbers. There is nothing in the world which pleases

SUBGROUPS OF CYCLIC GROUPS KEITH CONRAD 1. Introduction In a group G, we denote the (cyclic) group of powers of some g G by g = {g k : k Z}. If G = g, then G itself is cyclic, with g as a generator. Examples

CONSTRUCTION OF THE FINITE FIELDS Z p S. R. DOTY Elementary Number Theory We begin with a bit of elementary number theory, which is concerned solely with questions about the set of integers Z = {0, ±1,

I GROUPS: BASIC DEFINITIONS AND EXAMPLES Definition 1: An operation on a set G is a function : G G G Definition 2: A group is a set G which is equipped with an operation and a special element e G, called

Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study

Congruences Robert Friedman Definition of congruence mod n Congruences are a very handy way to work with the information of divisibility and remainders, and their use permeates number theory. Definition

NUMBER THEORY AMIN WITNO ii Number Theory Amin Witno Department of Basic Sciences Philadelphia University JORDAN 19392 Originally written for Math 313 students at Philadelphia University in Jordan, this

MATH10040 Chapter 2: Prime and relatively prime numbers Recall the basic definition: 1. Prime numbers Definition 1.1. Recall that a positive integer is said to be prime if it has precisely two positive

Discrete Mathematics Lecture 3 Elementary Number Theory and Methods of Proof Harper Langston New York University Proof and Counterexample Discovery and proof Even and odd numbers number n from Z is called

January 10, 2010 CHAPTER SIX IRREDUCIBILITY AND FACTORIZATION 1. BASIC DIVISIBILITY THEORY The set of polynomials over a field F is a ring, whose structure shares with the ring of integers many characteristics.

Unique Factorization Waffle Mathcamp 2010 Throughout these notes, all rings will be assumed to be commutative. 1 Factorization in domains: definitions and examples In this class, we will study the phenomenon

Pythagorean Triples and Fermat s Last Theorem A. DeCelles Notes for talk at the Science Speakers Series at Goshen College Document created: 05/10/011 Last updated: 06/05/011 (graphics added) It is an amazing

CONTINUED FRACTIONS, PELL S EQUATION, AND TRANSCENDENTAL NUMBERS JEREMY BOOHER Continued fractions usually get short-changed at PROMYS, but they are interesting in their own right and useful in other areas

The Prime Numbers Before starting our study of primes, we record the following important lemma. Recall that integers a, b are said to be relatively prime if gcd(a, b) = 1. Lemma (Euclid s Lemma). If gcd(a,

Integer Polynomials June 9, 007 Yufei Zhao yufeiz@mit.edu We will use Z[x] to denote the ring of polynomials with integer coefficients. We begin by summarizing some of the common approaches used in dealing

Problem 1. Prove that a b (mod c) if and only if a and b give the same remainders upon division by c. Solution: Let r a, r b be the remainders of a, b upon division by c respectively. Thus a r a (mod c)

Solutions to Homework Set 3 (Solutions to Homework Problems from Chapter 2) Problems from 21 211 Prove that a b (mod n) if and only if a and b leave the same remainder when divided by n Proof Suppose a

Every Positive Integer is the Sum of Four Squares! (and other exciting problems) Sophex University of Texas at Austin October 18th, 00 Matilde N. Lalín 1. Lagrange s Theorem Theorem 1 Every positive integer

Chapter 5 The Ideal Class Group We will use Minkowski theory, which belongs to the general area of geometry of numbers, to gain insight into the ideal class group of a number field. We have already mentioned

THE CONGRUENT NUMBER PROBLEM KEITH CONRAD 1. Introduction A right triangle is called rational when its legs and hypotenuse are all rational numbers. Examples of rational right triangles include Pythagorean

Primality - Factorization Christophe Ritzenthaler November 9, 2009 1 Prime and factorization Definition 1.1. An integer p > 1 is called a prime number (nombre premier) if it has only 1 and p as divisors.

Some applications of LLL a. Factorization of polynomials As the title Factoring polynomials with rational coefficients of the original paper in which the LLL algorithm was first published (Mathematische

Continued Fractions and the Euclidean Algorithm Lecture notes prepared for MATH 326, Spring 997 Department of Mathematics and Statistics University at Albany William F Hammond Table of Contents Introduction

CONTINUED FRACTIONS AND PELL S EQUATION SEUNG HYUN YANG Abstract. In this REU paper, I will use some important characteristics of continued fractions to give the complete set of solutions to Pell s equation.

Math 319 Problem Set #3 Solution 21 February 2002 1. ( 2.1, problem 15) Find integers a 1, a 2, a 3, a 4, a 5 such that every integer x satisfies at least one of the congruences x a 1 (mod 2), x a 2 (mod

ORDERS OF ELEMENTS IN A GROUP KEITH CONRAD 1. Introduction Let G be a group and g G. We say g has finite order if g n = e for some positive integer n. For example, 1 and i have finite order in C, since

Theorem (The division theorem) Suppose that a and b are integers with b > 0. There exist unique integers q and r so that a = bq + r and 0 r < b. We re dividing a by b: q is the quotient and r is the remainder,

3. QUADRATIC CONGRUENCES 3.1. Quadratics Over a Finite Field We re all familiar with the quadratic equation in the context of real or complex numbers. The formula for the solutions to ax + bx + c = 0 (where

Chapter 6 Number Theory The material in this chapter offers a small glimpse of why a lot of facts that you ve probably nown and used for a long time are true. It also offers some exposure to generalization,

TRIANGLES ON THE LATTICE OF INTEGERS Andrew Roibal and Abdulkadir Hassen Department of Mathematics Rowan University Glassboro, NJ 08028 I. Introduction In this article we will be studying triangles whose

Chapter 23 Squares Modulo p Revised Version of Chapter 23 We learned long ago how to solve linear congruences ax c (mod m) (see Chapter 8). It s now time to take the plunge and move on to quadratic equations.

MATH31: Number Theory Homework until Test # Philipp BRAUN Section 3.1 page 43, 1. It has been conjectured that there are infinitely many primes of the form n. Exhibit five such primes. Solution. Five such

On the largest prime factor of x 2 1 Florian Luca and Filip Najman Abstract In this paper, we find all integers x such that x 2 1 has only prime factors smaller than 100. This gives some interesting numerical

Mathematicians have tried in vain to this day to discover some order in the sequence of prime numbers, and we have reason to believe that it is a mystery into which the human mind will never penetrate.-

178 4. Number Theory: Fermat s Last Theorem Exercise 4.7: A primitive Pythagorean triple is one in which any two of the three numbers are relatively prime. Show that every multiple of a Pythagorean triple

Orders Modulo A Prime Evan Chen March 6, 2015 In this article I develop the notion of the order of an element modulo n, and use it to prove the famous n 2 + 1 lemma as well as a generalization to arbitrary

Lecture 3 Mathematical Induction Induction is a fundamental reasoning process in which general conclusion is based on particular cases It contrasts with deduction, the reasoning process in which conclusion

Alex, I will take congruent numbers for one million dollars please Jim L. Brown The Ohio State University Columbus, OH 4310 jimlb@math.ohio-state.edu One of the most alluring aspectives of number theory

Chapter 4 Ideal Class Group and Units We are now interested in understanding two aspects of ring of integers of number fields: how principal they are (that is, what is the proportion of principal ideals

PROOFS BY DESCENT KEITH CONRAD As ordinary methods, such as are found in the books, are inadequate to proving such difficult propositions, I discovered at last a most singular method... that I called the

THE CONGRUENT NUMBER PROBLEM KEITH CONRAD 1. Introduction A right triangle is called rational when its legs and hypotenuse are all rational numbers. Examples of rational right triangles include Pythagorean

APPLICATIONS OF THE ORDER FUNCTION LECTURE NOTES: MATH 432, CSUSM, SPRING 2009. PROF. WAYNE AITKEN In this lecture we will explore several applications of order functions including formulas for GCDs and

MTHSC 412 Section 2.4 Prime Factors and Greatest Common Divisor Greatest Common Divisor Definition Suppose that a, b Z. Then we say that d Z is a greatest common divisor (gcd) of a and b if the following

CHAPTER 5 Number Theory 1. Integers and Division 1.1. Divisibility. Definition 1.1.1. Given two integers a and b we say a divides b if there is an integer c such that b = ac. If a divides b, we write a

Number Fields Introduction A number field is a field of finite degree over Q. By the Primitive Element Theorem, any number field K = Q(α) for some α K. The minimal polynomial Let K be a number field and

Pythagorean Quadruples 1. Pythagorean and Primitive Pythagorean Quadruples A few years ago, I became interested with those 3 vectors with integer coordinates and integer length or norm. The simplest example